Apple Releases macOS High Sierra 10.13.2 Supplemental Update with Spectre Mitigation

1 minute read
| Product News

Apple released macOS High Sierra 10.13.2 Supplemental Update Monday, a security update designed to mitigate Spectre. The company said last week that it would protect against Spectre with changes to JavaScript in Safari, which this update does.

iMac Pro with an Apple logo and a lock

Apple’s security release notes:

macOS High Sierra 10.13.2 Supplemental Update

Released January 8, 2018

Available for: macOS High Sierra 10.13.2

Description: macOS High Sierra 10.13.2 Supplemental Update includes security improvements to Safari and WebKit to mitigate the effects of Spectre (CVE-2017-5753 and CVE-2017-5715).

We would like to acknowledge Jann Horn of Google Project Zero; and Paul Kocher in collaboration with Daniel Genkin of University of Pennsylvania and University of Maryland, Daniel Gruss of Graz University of Technology, Werner Haas of Cyberus Technology, Mike Hamburg of Rambus (Cryptography Research Division), Moritz Lipp of Graz University of Technology, Stefan Mangard of Graz University of Technology, Thomas Prescher of Cyberus Technology, Michael Schwarz of Graz University of Technology, and Yuval Yarom of University of Adelaide and Data61 for their assistance.

Spectre is one of two security vulnerabilities uncovered by researchers—the other was called Meltdown, which Apple mitigated in Macs in the first macOS High Sierra 10.13.2 release. Both vulnerabilities potentially allow malicious hackers to compromise your data by exploiting the way it’s handles way down at the processor level.

Meltdown essentially affected all modern computers with Intel processors, while Spectre affected all the major processors. Apple mitigated Meltdown in iOS, macOS, and tvOS before it was widely known to exist. Apple also mitigated Spectre in iOS on Monday with the release of iOS 11.2.2.

Add a Comment

Log in to comment (TMO, Twitter, Facebook) or Register for a TMO Account